package com.cz.auth.controller;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

/**
 * <p>验证token</p>
 * <pre>
 * @author gitamacai
 * @date 2019/11/14 15:39
 * </pre>
 */
@RestController
@RequestMapping("/oauth")
public class TokenController {

    @Autowired
    private TokenStore tokenStore;

    /**
     * 覆盖了 spring-security-oauth2 内部的 endpoint oauth2/check_token
     * spring-security-oauth2 内部原有的该控制器 CheckTokenEndpoint，返回值，不符合自身业务要求，故覆盖之。
     */
    @GetMapping("/check_tokens")
    public OAuth2AccessToken getToken(@RequestParam(value = "token") String token) {
        OAuth2AccessToken OAuth2AccessToken = tokenStore.readAccessToken(token);
        return OAuth2AccessToken;
    }

    /**
     * 获取当前token对应的用户主体的凭证信息(认证对象)
     */
    @GetMapping("/getAuth")
    public OAuth2Authentication getAuth(@RequestParam(value = "token") String token) {
        OAuth2Authentication oAuth2Authentication = tokenStore.readAuthentication(token);
        return oAuth2Authentication;
    }
}
